How important is it to digitally sign our executables?

Question

We produce a content management system. It\'s a database-based system, used only by businesses and organizations, and never downloadable from the Internet. That is, it\'s not th

Answer 1

From the tech side you already stated the pros/cons.

From the business point of view it depends on your users, maybe if you are selling B2B it wouldn’t matter as if you were selling B2C or to less savvy users whom would appreciate more a nicer UAC message.

Honestly, I wouldn’t worry.... If you haven’t had the urge and can't find a really good reason, then it’s not important yet.

I'd rather spend those efforts improving something else.

Answer 2

Pro: If using Verisign certificates, Windows Error Reporting can be used

Actually, to use Windows Error Reporting you need Verisign or other code accepted signing certificate, but you need the certificate only to access the WinQual system. The exe itself does not have to be signed at all, the error reporting works absolutely fine on unsigned exes as well.

Con: Signing has some maintenance overhead, how much I don't know. Would love to here from you...

The maintenance overhead highly depends on the quality of your build pipeline. If you build your application manually, then yes, it means a few more steps. However, if you have a build pipeline and your builds are automated, code signing means adding a few lines into the build scripts and storing the private key of the code signing certificate so that the build can access it (if you have a build server, your code signing certificate will most likely need to be stored on it).

Pro: When Vista/7 show one of those annoying UAC messages, signed apps are presented a bit more nicely

As for UAC prompt - does you application really need elevated or admin privileges to run? The best way to avoid this prompt is not to require any elevated privileges at all.

Answer 3

Signing has some maintenance overhead, how much I don't know.

I believe if you distribute signed executables, all dependent libraries have to be signed as well. If you're using some third-party modules over which you have no control, you can get an issue.